Computer Science ›› 2016, Vol. 43 ›› Issue (1): 191-194.doi: 10.11896/j.issn.1002-137X.2016.01.043

Previous Articles     Next Articles

CP-ABE Scheme with Supporting Policy Elastic Updating in Cloud Storage Environment

XIONG An-ping, XU Chun-xiang and FENG Hao   

  • Online:2018-12-01 Published:2018-12-01

Abstract: In recent years,CP-ABE has been researched extensively as an access control mechanism in cloud storage environment.Because existing access control schemes based on CP-ABE can not support the elastic update with the system properties in cloud storage environment,this paper used the cloud storage service provider’s(CSP’s) storage and computing resources advantages,and proposed a cloud storage access control scheme which supports the system attribu-tes revocation or recovery based on the attribute-based access control with efficient revocation(AB-ACER) scheme.The scheme introduces virtual attributes for the access control tree,and when system attributes have been revoked or recovered,CSP only provides small re-encryption computation.Security analysis and performance analysis show that the proposed scheme not only supports a changeable access control policy for data owner(DO),but also ensures the confidentiality of data and the fine-grained access control,and reduces a large number of encryption calculation works for DO.

Key words: Cloud storage,CP-ABE,System attribute update,Virtual attribute,Access control

[1] Amazon.com.Amazon s3 Availability Event:July 20,2008.http://status.aws.amazon.com/s3-20080520.html
[2] Arrington M.Gmail Disaster:Reports of Mass Email Deletions[R/OL].http://www.techcrunch.com/2006/12/28/gmail-disa-ster-reports-of-massemail-deletions
[3] Krigsman M.Apple’s MobileMe Experiences Post-Launch Pain.http://blogs.zdnet.com/projectfailures/?p=908
[4] Goyal V,Pandey O,Sahai A,et al.Attribute-based encryption for fine-grained access control of encrypted data[C]∥CCS.ACM,2006:89-98
[5] Su Jin-shu,Cao Dan,Wang xiao-feng,et al.Attribute-Based Encryption Schemes[J]Journal of Software, 2011,2(6):1299-1315
[6] Hur J,Noh D K.Attribute-based access control with efficient revocation in data outsourcing systems[J].IEEE Transactions on Parallel and Distributed Systems,2011,22(7):1214-1221
[7] Dara K.Microsoft’s 2012-11 SkyDrive accidently freezes outOpera users[EB/OL].[2014-04-20].http://www.cnet.com/news/microsofts-skydrive-accidently-freezes-out-opera-users
[8] Sahai A,Waters B.Fuzzy Identity-Based Encryption[M]∥Advances in Cryptology EUROCRYPT 2005.Springer Berlin Heidelberg,2005:457-473
[9] Xiong An-ping,Xu Chun-xiang.Energy Efficient Multiresource Allocation of Virtual Machine Based on PSO in Cloud Data Center[J].Mathematical Problems in Engineering,2014,18(5):816-830
[10] Bethencourt J,Sahai A,Waters B.Ciphertext-Policy Attribute-Based Encryption[C]∥IEEE Symposium on Security and Privacy,2007(SP’07).IEEE,2007:321-334
[11] Pirretti M,Traynor P,McDaniel P,et al.Secure Attribute-Based Systems[J].Journal of Computer Security,2010,18(5):799-837
[12] Ostrovsky R,Sahai A,Waters B.Attribute-Based Encryptionwith Non-Monotonic Access Structures[C]∥Proceedings of the 14th ACM Conference on Computer and Communications Securi-ty.ACM,2007:195-203
[13] Yu S,Wang C,Ren K,et al.Attribute Based Data Sharing with Attribute Revocation[C]∥Proceedings of the 5th ACM Symposium on Information,Computer and Communications Security.ACM,2010:261-270
[14] Yu S,Ren K,Lou W.Attribute-based on-demand multicastgroup setup with membership anonymity[J].Computer Networks,2010,54(3):377-386
[15] Shamir A.Identity-Based Cryptosystems and Signature schemes[C]∥Advances in cryptology.Springer Berlin Heidelberg,1985:47-53
[16] Huang Zhi-hong,Wu Li-li,Zhang Bo.Network Security Threats and Prevention on Cloud Computing[J].Journal of Chongqing University of Technology(Natural Science),2012,6(8):85-90(in Chinese)黄志宏,巫莉莉,张波.基于云计算的网络安全威胁及防范[J].重庆理工大学学报(自然科学),2012,26(8):85-90

No related articles found!
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!